My CEH Experience

az_golferaz_golfer Member Posts: 31 ■■□□□□□□□□
So my job allowed me the option of picking a training this year and I chose the CEH coursed offered by a IT training organization in Phx, Az.

I just finished the first day and I have to say I am impressed with the instructor his methods. For those familiar with the CEH, there is ALOT of tool **** stuff...but the training center I am at has been making an effort to teach the underlying concepts/theory behind the tools.

Day One: We did alot of work on foot-printing and reconnaissance of an organization. Trying to gain as much information about an object as possible from online resources such as whois, google hacking, etc...I won't go too much into the details here.

I left today's class feeling a bit like it was a slow day. But when I got to my hotel I applied some of the techniques discussed today and was impressed. I'm looking forward to tomorrow where discuss how the footprinting work we did today is turned it into actual attacks.

Will report back as the course progresses.


  • darkerosxxdarkerosxx Banned Posts: 1,343
    I'm pretty sure they don't start on attacks til day 3 or even 4. There's so much material before you even get into want to know who you're attacking and what they have so you can target your attacks in the best manner. Most people will probably tell you the biggest part of hacking isn't the attacks themselves, but the planning before and covering up after. I understand where you're coming from, though, the attack material/labs are fun. icon_wink.gif

    I'm glad you're enjoying the class! It's cool to see more people into the CEH. Keep us posted about your progess. :)
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,846 Admin
    I think the biggest part of any vulnerability analysis is the documentation of what you are doing. It's a lot like a doctor keeping a chart on a hospital patient. You need to document what's been done, what the results are, and what the situation is at all times. You want to know when a test was positive/negative, you don't want to duplicate your efforts, and you do want to know when something has changed.
  • az_golferaz_golfer Member Posts: 31 ■■□□□□□□□□
    Definitely agree with the posts above.

    On Day 2 we started covering more of the scanning and enumeration. Learning the tools to scan a range of ip addresses belonging to an organization. Learning the nuances between how different operating systems respond differently to scans and how much information you can obtain from such differences.

    The tools that can be used to probed systems to determine what services are running on them are powerful. And when taken in combination with the foot-printing work done previously the process for determining an attack tree can be diagrammed.

    We also discussed using anonymizers and passive techniques in which you can get the information you want without divulging <yourself>.

    I believe tomorrow is going to start utilizing the techniques to actually GET IN to the other system.

    Overall, the course has been very interesting and informative.
    Definitely looking forward to tomorrow. =)
  • az_golferaz_golfer Member Posts: 31 ■■□□□□□□□□
    The last day of training was awesome. We had a lab where we were given a target network to attack.

    The network was sitting behind a NAT/Firewall. Our group was able to perform a sql injection attack in order to install a backdoor on the webserver. This gave us remote shell access. From there we were able to **** the encrypted passwords from the stored credentials on the server.

    Next up we used a password cracker in order to obtain the clear text passwords. From there we enumerated the other servers on the internal network and BAM...we control the network.

    Very awesome lab. In conclusion, I highly recommend attending this class if given the opportunity.
  • dynamikdynamik Banned Posts: 12,314 ■■■■■■■■□□
    Cool. Have you looked at the OSCP or GPEN at all? They seem to be a little more hands-on than the CEH course. I'd probably have to pay out of pocket and take vacation time to do these, so the CEH course doesn't really seem to be worth it for me.

    Have you scheduled your exam yet? I need to do mine here pretty quick because v5 is going to retire soon icon_eek.gif
  • az_golferaz_golfer Member Posts: 31 ■■□□□□□□□□
    V5 retiring soon? Shoot...I need to get schedule that quick then. Right now I'm setting up a virtual network to do some home based labs.

    I'm going to have to do some googling on OSCP or GPEN. Have not researched those much at all.
  • KasorKasor Member Posts: 918 ■■■■□□□□□□
    I'm thinking to take it at April/May to attend the training. Budget is short from work and thinking to see how much to I have to pay on tax returns.. You are very lucky that your company paying for you.
    Kill All Suffer T "o" ReBorn
  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,846 Admin
    I've read that the CEHv5 exam will be available until June 2009. I assume that means as of June 1st the CEHv5 exam will no longer be offered.

  • mamonomamono Member Posts: 776 ■■□□□□□□□□
    Interesting write up, I think that everyone can benefit from this knowledge. Unfortunately, attending a course like this is usually a bit on the pricey side and most are paying out of pocket. Thanks for the impression. I would love to take this course if I had the opportunity.
Sign In or Register to comment.